PAM Unable to dlopen pam_ldap.so

Hello All,

I haven’t dealt much with schedulers, and I just installed PBS Pro (Community Edition) on a Redhat 7 server. After I try to initiate the pbs service, I get the following status:

[root@joule ~]# systemctl status -l pbs
● pbs.service - Portable Batch System
Loaded: loaded (/opt/pbs/libexec/pbs_init.d; enabled; vendor preset: disabled)
Active: active (running) since Tue 2020-04-14 18:46:23 PDT; 50min ago
Docs: man:pbs(8)
Process: 4910 ExecStart=/opt/pbs/libexec/pbs_init.d start (code=exited, status=0/SUCCESS)
Tasks: 140
Memory: 30.9M
CGroup: /system.slice/pbs.service
├─5835 /opt/pbs/sbin/pbs_comm
├─6281 /opt/pbs/sbin/pbs_mom
├─6521 /opt/pbs/sbin/pbs_sched
├─7162 /opt/pbs/sbin/pbs_ds_monitor monitor
├─7247 /usr/bin/postgres -D /var/spool/pbs/datastore -p 15007
├─7272 postgres: logger process
├─7274 postgres: checkpointer process
├─7275 postgres: writer process
├─7276 postgres: wal writer process
├─7277 postgres: autovacuum launcher process
├─7278 postgres: stats collector process
├─7319 postgres: postgres pbs_datastore 198.143.55.12(45004) idl
└─7344 /opt/pbs/sbin/pbs_server.bin

Apr 14 18:47:10 joule su[7021]: PAM unable to dlopen(/usr/lib64/security/pam_ldap.so): /usr/lib64/security/pam_ldap.so: cannot open shared object file: No such file or directory
Apr 14 18:47:10 joule su[7021]: PAM adding faulty module: /usr/lib64/security/pam_ldap.so
Apr 14 18:47:10 joule su[7021]: (to postgres) root on none
Apr 14 18:47:11 joule su[7091]: PAM unable to dlopen(/usr/lib64/security/pam_ldap.so): /usr/lib64/security/pam_ldap.so: cannot open shared object file: No such file or directory
Apr 14 18:47:11 joule su[7091]: PAM adding faulty module: /usr/lib64/security/pam_ldap.so
Apr 14 18:47:11 joule su[7091]: (to postgres) root on none
Apr 14 18:47:14 joule su[7164]: PAM unable to dlopen(/usr/lib64/security/pam_ldap.so): /usr/lib64/security/pam_ldap.so: cannot open shared object file: No such file or directory
Apr 14 18:47:14 joule su[7164]: PAM adding faulty module: /usr/lib64/security/pam_ldap.so
Apr 14 18:47:14 joule su[7164]: (to postgres) root on none
Apr 14 18:47:22 joule pbs_init.d[4910]: Starting PBS in background

Can anyone shed some light on this “Pam Unable to dlopen…”?
While it is true that pam_ldap.so is not in the “/usr/lib64/security” directory, I believe that this package (if it exists) is not necessary, or is it?

PBS is trying su to user postgres and is unable to.
I think your /etc/pam.d/su has pam_ldap.so listed.

Yes I just noticed the su, thank you for pointing that out. The user postgres does have a password. What is the typical way for allowing pbs to switch user to postgres?

In this case, I believe, if su is successful - we should be fine.

ok that’s reassuring. One last off topic question: Why must we disable SELinux instead of having it in permissive mode?

Hey @zistambo - Apologies for a late reply.
I always prefer SELinux in Permissive mode (only if Enforcing is not possible at all), rather than disabling it.

1 Like

Great. This thread can be closed

Thank you. I hope you were able to get PBS up and running.